|
Title: Apple secures Safari against FREAK attacks Post by: HCK on March 11, 2015, 09:00:16 pm Apple secures Safari against FREAK attacks
<article> <section class="page"> <p> Apple on Monday patched the FREAK flaw in both OS X and iOS, issuing updates for both operating systems to protect users of its Safari browser.</p><p> In a pair of accompanying advisories, Apple noted the FREAK fix as one of several in iOS 8.2 (https://support.apple.com/en-us/HT204423) and OS X Yosemite, Mavericks and Mountain Lion. The OS X update was labeled 2015-002 (https://support.apple.com/en-us/HT204413) to identify it as a multi-edition fix.</p><p> “Secure Transport accepted short ephemeral RSA keys, usually used only in export-strength RSA cipher suites, on connections using full-strength RSA cipher suites,” Apple stated in both advisories. “This issue, also known as FREAK, only affected connections to servers which support export-strength RSA cipher suites, and was addressed by removing support for ephemeral RSA keys.”</p><p class="jumpTag"><a href="/article/2894127/apple-secures-safari-against-freak-attacks.html#jump">To read this article in full or to leave a comment, please click here[/url]</p></section></article> Source: Apple secures Safari against FREAK attacks (http://www.macworld.com/article/2894127/apple-secures-safari-against-freak-attacks.html#tk.rss_all) |